{{ message }}
Use long for hashCode in ReferentialComparer to avoid overflow#3204
Merged
Conversation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
ce6a88c to
bb72faf
Compare
There was a problem hiding this comment.
Pull request overview
This PR addresses a new Qodana (2026.1) high-severity inspection by preventing potential overflow in ReferentialComparer.GetHashCode, which is used by the equivalency engine to key tuple-based caches by object identity and index.
Changes:
- Switched the hash accumulator from
inttolongto avoid overflow duringhashCode * 397multiplications. - Narrowed back to
intat return via an explicit cast to preserve the requiredinthash code API surface.
Test Results 37 files ±0 37 suites ±0 2m 46s ⏱️ +4s Results for commit bb72faf. ± Comparison against base commit 84b7cb6. This pull request removes 10 and adds 8 tests. Note that renamed tests count towards both.♻️ This comment has been updated with latest results. |
This was referenced May 12, 2026
searledan
added a commit
to fiscaltec/vitally-mcp
that referenced
this pull request
May 12, 2026
Updated [FluentAssertions](https://github.com/fluentassertions/fluentassertions) from 8.9.0 to 8.10.0. <details> <summary>Release notes</summary> _Sourced from [FluentAssertions's releases](https://github.com/fluentassertions/fluentassertions/releases)._ ## 8.10.0 <!-- Release notes generated using configuration in .github/release.yml at main --> ## What's Changed ### Improvements * Fail with a descriptive error when path-based rules are used on value-semantic types by @dennisdoomen in fluentassertions/fluentassertions#3187 * Significantly speed up BeEquivalentTo for large unordered collections by @dennisdoomen in fluentassertions/fluentassertions#3188 * Add ComparingNullCollectionsAsEmpty and ComparingNullStringsAsEmpty options to BeEquivalentTo by @dennisdoomen in fluentassertions/fluentassertions#3202 * Include original index in extraneous item failure messages by @dennisdoomen in fluentassertions/fluentassertions#3203 ### Documentation * Reroute the docs link to Xceed by @dennisdoomen in fluentassertions/fluentassertions#3183 * Fix typo in release notes by @jnyrup in fluentassertions/fluentassertions#3194 * Fix typos in docs by @jnyrup in fluentassertions/fluentassertions#3197 ### Others * Bump flatted from 3.4.1 to 3.4.2 in the npm_and_yarn group across 1 directory by @dependabot[bot] in fluentassertions/fluentassertions#3184 * Add AI assistant instruction file (agents.md) for Copilot, Claude, and JetBrains Junie by @Copilot in fluentassertions/fluentassertions#3176 * Bump smol-toml from 1.6.0 to 1.6.1 in the npm_and_yarn group across 1 directory by @dependabot[bot] in fluentassertions/fluentassertions#3185 * Bump the npm_and_yarn group across 1 directory with 2 updates by @dependabot[bot] in fluentassertions/fluentassertions#3186 * Bump cspell from 9.7.0 to 10.0.0 by @dependabot[bot] in fluentassertions/fluentassertions#3189 * Update nugets by @jnyrup in fluentassertions/fluentassertions#3192 * Fixup Qodana issues by @jnyrup in fluentassertions/fluentassertions#3193 * Fix Qodana argument separator by @jnyrup in fluentassertions/fluentassertions#3195 * Use new Qodana linter option by @jnyrup in fluentassertions/fluentassertions#3196 * Fix flaky BeLessThanOrEqualTo execution time test by @Copilot in fluentassertions/fluentassertions#3200 * Bump JetBrains/qodana-action from 2025.3 to 2026.1 by @dependabot[bot] in fluentassertions/fluentassertions#3201 * Use long for hashCode in ReferentialComparer to avoid overflow by @dennisdoomen in fluentassertions/fluentassertions#3204 **Full Changelog**: fluentassertions/fluentassertions@8.9.0...8.10.0 Commits viewable in [compare view](fluentassertions/fluentassertions@8.9.0...8.10.0). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dan Searle <dan_searle@outlook.com>
This was referenced May 12, 2026
This was referenced Jun 29, 2026
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

Problem
The Qodana workflow on
mainhas been failing since bumpingJetBrains/qodana-actionfrom 2025.3 to 2026.1 (run #25039911647). The new Qodana version introduced an improved Possible overflow in 'unchecked' context (High severity) inspection.Root Cause
ReferentialComparer.GetHashCodeused anint hashCodeaccumulator withhashCode * 397multiplications that can silently overflow. The equivalent pattern inNode.csalready wraps the computation inunchecked {}, butReferentialComparer.csdid not.Fix
Changed the
hashCodelocal variable frominttolongso the multiplications cannot overflow, then narrowed back tointon return via an explicit truncating cast (the correct and expected behavior for hash codes).HashCode.Combineis not an option since the project targetsnet47andnetstandard2.0.